Overview
Responsibilities
An Average Day: As the Information Assurance Specialist I you will support cybersecurity and compliance activities by ensuring information systems meet federal security requirements, maintain operational authorizations, and comply with standards such as the Risk Management Framework. You will work closely with system owners, administrators, and security stakeholders to:
- Audit systems, SOPs, and security checklists.
- Review and analyze audit logs for compliance with STIGs and IAVAs.
- Support Authorization to Operate (ATO) requirements through ongoing compliance monitoring.
- Manage system configuration baselines and documentation.
- Ensure compliance with RMF requirements, including media sanitization, contingency planning, incident response, insider threat policies, and ISAs/SLAs.
- Monitor cloud provider security controls, including FedRAMP-authorized environments.
- Create andmodifyrequired artifacts for RMF Steps 1-5.
- Conduct independent reviews, testing,and assessment of all information, artifacts, and other relevant datapertaining tosystems progressing through RMF.
- Load artifacts into eMASS.
- Select and tailor controls in eMASS.
- Develop Plan of Actions and Milestones (POA&Ms) / Risk Assessment Reports (RARs), and automated scan reviews.
- Responsible for Certification Test and Evaluation (CT&E) system's compliance with all applicable Information Assurance Controls (IACs) for an assigned system, including developing the appropriate test procedures, executing the test procedures, and accurately documenting the results of security testing.
- Review CT&E test plans and procedures to ensure the test plan addresses level of effort and validates all IA requirements.
Qualifications
- As a requirement of this position, all candidates must be a U.S. Citizen in accordance with8 U.S.C. 1324b(a)(2)(C).
- Must hold an active DoW Secret Clearance.
- Associate degree or higher in IT, Cybersecurity, Information Assurance, or related field; or 1 62 years of relevant professional experience
- Department of War (DoW) 8570.01-M, IAM Level II certification required.
- Two (2) or more years of experience in the cybersecurity field.
- Experience with assessment and authorization (A&A).
- Experience with assessing and validating RMF, National Institute of Standards and Technology (NIST), and Committee on National Security Systems Instruction (CNSSI)security controls.
- Hands-on experience witheMASS.
- Visio diagram creation and modification.
- RMF Documentation creation and modification (SSP, CCB, COOP, etc.).
- Familiarity with NIST 800-53 controls.
- Ability to provide security assessment reports that cover risks that the client should be aware of and mitigate risk with residual remaining risks.
Pay Transparency StatementAMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $40.00/Hr. - USD $44/Hr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.